You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
217 lines
5.5 KiB
217 lines
5.5 KiB
<?php
|
|
/***************************************************************************
|
|
* common.php
|
|
* -------------------
|
|
* begin : Saturday, Feb 23, 2001
|
|
* copyright : (C) 2001 The phpBB Group
|
|
* email : support@phpbb.com
|
|
*
|
|
* $Id: common.php,v 1.9 2005/01/04 15:04:11 saraj Exp $
|
|
*
|
|
*
|
|
***************************************************************************/
|
|
|
|
/***************************************************************************
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
***************************************************************************/
|
|
include('extension.inc');
|
|
define ('IN_PHPBB', true);
|
|
|
|
if ( !defined('IN_PHPBB') )
|
|
{
|
|
die("Hacking a attempt");
|
|
}
|
|
|
|
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
|
|
//set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
|
|
|
|
|
|
|
|
//
|
|
// addslashes to vars if magic_quotes_gpc is off
|
|
// this is a security precaution to prevent someone
|
|
// trying to break out of a SQL statement.
|
|
//
|
|
|
|
/*
|
|
Data redirected to vtiger crm index page itself
|
|
if( !get_magic_quotes_gpc() )
|
|
{
|
|
if( is_array($HTTP_GET_VARS) )
|
|
{
|
|
while( list($k, $v) = each($HTTP_GET_VARS) )
|
|
{
|
|
if( is_array($HTTP_GET_VARS[$k]) )
|
|
{
|
|
while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) )
|
|
{
|
|
$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
|
|
}
|
|
@reset($HTTP_GET_VARS[$k]);
|
|
}
|
|
else
|
|
{
|
|
$HTTP_GET_VARS[$k] = addslashes($v);
|
|
}
|
|
}
|
|
@reset($HTTP_GET_VARS);
|
|
}
|
|
|
|
if( is_array($HTTP_POST_VARS) )
|
|
{
|
|
|
|
|
|
while( list($k, $v) = each($HTTP_POST_VARS) )
|
|
{
|
|
if( is_array($HTTP_POST_VARS[$k]) )
|
|
{
|
|
while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )
|
|
{
|
|
$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
|
|
}
|
|
@reset($HTTP_POST_VARS[$k]);
|
|
}
|
|
else
|
|
{
|
|
$HTTP_POST_VARS[$k] = addslashes($v);
|
|
}
|
|
}
|
|
@reset($HTTP_POST_VARS);
|
|
}
|
|
|
|
if( is_array($HTTP_COOKIE_VARS) )
|
|
{
|
|
while( list($k, $v) = each($HTTP_COOKIE_VARS) )
|
|
{
|
|
if( is_array($HTTP_COOKIE_VARS[$k]) )
|
|
{
|
|
while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )
|
|
{
|
|
$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
|
|
}
|
|
@reset($HTTP_COOKIE_VARS[$k]);
|
|
}
|
|
else
|
|
{
|
|
$HTTP_COOKIE_VARS[$k] = addslashes($v);
|
|
}
|
|
}
|
|
@reset($HTTP_COOKIE_VARS);
|
|
}
|
|
}
|
|
*/
|
|
|
|
//
|
|
// Define some basic configuration arrays this also prevents
|
|
// malicious rewriting of language and otherarray values via
|
|
// URI params
|
|
//
|
|
$board_config = array();
|
|
$userdata = array();
|
|
|
|
//Modified for conflict with crm theme
|
|
//$theme = array();
|
|
if(empty($theme))
|
|
{
|
|
$theme=array();
|
|
}
|
|
//
|
|
|
|
$images = array();
|
|
$lang = array();
|
|
$gen_simple_header = FALSE;
|
|
|
|
$curr_dir= getcwd();
|
|
if ((strstr($curr_dir, '/admin') == '/admin') || (strstr($curr_dir, '\admin') == '\admin'))
|
|
{
|
|
include('../../../config.'.$phpEx);
|
|
}
|
|
else
|
|
{
|
|
include('config.'.$phpEx);
|
|
}
|
|
|
|
if( !defined("PHPBB_INSTALLED") )
|
|
{
|
|
header("Location: install/install.$phpEx");
|
|
exit;
|
|
}
|
|
// $phpbb_root_path='/home/shankarr/buildtest/Oct181434/vtiger/apache/htdocs/vtiger_crm/modules/MessageBoard/';
|
|
// $phpEx="php";
|
|
include($phpbb_root_path . 'includes/constants.'.$phpEx);
|
|
include($phpbb_root_path . 'includes/template.'.$phpEx);
|
|
include($phpbb_root_path . 'includes/sessions.'.$phpEx);
|
|
include($phpbb_root_path . 'includes/auth.'.$phpEx);
|
|
include($phpbb_root_path . 'includes/functions.'.$phpEx);
|
|
include($phpbb_root_path . 'includes/db.'.$phpEx);
|
|
|
|
//
|
|
// Obtain and encode users IP
|
|
//
|
|
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
|
|
{
|
|
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
|
|
|
|
$entries = explode(',', getenv('HTTP_X_FORWARDED_FOR'));
|
|
reset($entries);
|
|
while (list(, $entry) = each($entries))
|
|
{
|
|
$entry = trim($entry);
|
|
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", $entry, $ip_list) )
|
|
{
|
|
$private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.((1[6-9])|(2[0-9])|(3[0-1]))\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/');
|
|
$found_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
|
|
|
|
if ($client_ip != $found_ip)
|
|
{
|
|
$client_ip = $found_ip;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
|
|
}
|
|
$user_ip = encode_ip($client_ip);
|
|
|
|
|
|
//
|
|
// Setup forum wide options, if this fails
|
|
// then we output a CRITICAL_ERROR since
|
|
// basic forum information is not available
|
|
//
|
|
$sql = "SELECT *
|
|
FROM " . CONFIG_TABLE;
|
|
if( !($result = $db->sql_query($sql)) )
|
|
{
|
|
message_die(CRITICAL_ERROR, "Could not query config information", "", __LINE__, __FILE__, $sql);
|
|
}
|
|
|
|
while ( $row = $db->sql_fetchrow($result) )
|
|
{
|
|
//getting all the values and setting in a loop
|
|
$board_config[$row['config_name']] = $row['config_value'];
|
|
}
|
|
include($phpbb_root_path . 'attach_mod/attachment_mod.'.$phpEx);
|
|
|
|
if (file_exists($phpbb_root_path . 'install') || file_exists('contrib'))
|
|
{
|
|
message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted');
|
|
}
|
|
|
|
//
|
|
// Show 'Board is disabled' message if needed.
|
|
//
|
|
if( $board_config['board_disable'] && !defined("IN_ADMIN") && !defined("IN_LOGIN") )
|
|
{
|
|
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
|
|
}
|
|
|
|
?>
|
|
|